CN103795565A - Network event correlation analysis method and device - Google Patents
Network event correlation analysis method and device
- Publication number
- CN103795565A
- Authority
- CN
- China
- Prior art keywords
- rule
- network event
- scene
- new network
- analysis
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
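Function name | Purpose |
---|---|
SUM | Global state variable storing the total number of times the events occurred |
COUNT | Global state variable storing the number of events |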
Claims (6)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310742852.3A CN103795565A (zh) | 2013-12-27 | 2013-12-27 | Network event correlation analysis method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310742852.3A CN103795565A (zh) | 2013-12-27 | 2013-12-27 | Network event correlation analysis method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103795565A (zh) | 2014-05-14 |
Family
ID=50670890
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310742852.3A Pending CN103795565A (zh) | Network event correlation analysis method and device | 2013-12-27 | 2013-12-27 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103795565A (zh) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
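CN106557657A (zh) * | 2016-11-21 | 2017-04-05 | Beijing Academy of Agriculture and Forestry Sciences | GEMMA-based GWAS analysis method and device |
CN111090885A (zh) * | 2019-12-20 | 2020-05-01 | Beijing Topsec Network Safety Technology Co., Ltd. | User behavior auditing method and apparatus, electronic device, and storage medium |
CN111259088A (zh) * | 2020-01-13 | 2020-06-09 | Zhongfu Security Technology Co., Ltd. | User network behavior audit modeling method based on profiling technology |
CN115061718A (zh) * | 2022-03-24 | 2022-09-16 | Shanghai Renyimen Technology Co., Ltd. | Method for configuring and running a state machine, computing device, and computer storage medium |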
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
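CN106557657A (zh) * | 2016-11-21 | 2017-04-05 | Beijing Academy of Agriculture and Forestry Sciences | GEMMA-based GWAS analysis method and device |
CN111090885A (zh) * | 2019-12-20 | 2020-05-01 | Beijing Topsec Network Safety Technology Co., Ltd. | User behavior auditing method and apparatus, electronic device, and storage medium |
CN111259088A (zh) * | 2020-01-13 | 2020-06-09 | Zhongfu Security Technology Co., Ltd. | User network behavior audit modeling method based on profiling technology |
CN111259088B (zh) * | 2020-01-13 | 2024-04-26 | Zhongfu Security Technology Co., Ltd. | User network behavior audit modeling method based on profiling technology |
CN115061718A (zh) * | 2022-03-24 | 2022-09-16 | Shanghai Renyimen Technology Co., Ltd. | Method for configuring and running a state machine, computing device, and computer storage medium |
CN115061718B (zh) * | 2022-03-24 | 2023-12-22 | Shanghai Renyimen Technology Co., Ltd. | Method for configuring and running a state machine, computing device, and computer storage medium |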
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11936663B2 (en) | System for monitoring and managing datacenters | |
US11700190B2 (en) | Technologies for annotating process and user information for network flows | |
US11196756B2 (en) | Identifying notable events based on execution of correlation searches | |
US10740170B2 (en) | Structure-level anomaly detection for unstructured logs | |
US9275224B2 (en) | Apparatus and method for improving detection performance of intrusion detection system | |
EP3855692A1 (en) | Network security monitoring method, network security monitoring device, and system | |
Wu et al. | Diagnosing missing events in distributed systems with negative provenance | |
US8577829B2 (en) | Extracting information from unstructured data and mapping the information to a structured schema using the naïve bayesian probability model | |
US20180307576A1 (en) | Field content based pattern generation for heterogeneous logs | |
US20220405279A1 (en) | Query engine for remote endpoint information retrieval | |
US10516671B2 (en) | Black list generating device, black list generating system, method of generating black list, and program of generating black list | |
Alserhani et al. | MARS: multi-stage attack recognition system | |
US8751787B2 (en) | Method and device for integrating multiple threat security services | |
RU2757597C1 (ru) | Systems and methods for reporting computer security incidents | |
CN103795565A (zh) | Network event correlation analysis method and device | |
CN115664833B (zh) | Network hijacking detection method based on LAN security devices | |
Bolanowski et al. | The use of statistical signatures to detect anomalies in computer network | |
Zhuang et al. | Applying data fusion in collaborative alerts correlation | |
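CN112688956B (zh) | Real-time security detection method and system based on association rules | |
KR102640648B1 (ko) | Enterprise asset management system through construction of a specialized database | |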
US20240179153A1 (en) | System for monitoring and managing datacenters | |
CN115102848B (zh) | Log data extraction method, system, device, and medium | |
Komisarek et al. | Hunting cyberattacks: experience from the real backbone network. | |
Qin et al. | LMHADC: Lightweight method for host based anomaly detection in cloud using mobile agents | |
Bockermann et al. | On the automated creation of understandable positive security models for web applications |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C53 | Correction of patent for invention or patent application | ||
CB02 | Change of applicant information |
Address after: 100085 Haidian District East Road, No. three, China control building, floor, floor, 1 Applicant after: BEIJING TOPSEC SOFTWARE CO., LTD. Applicant after: Beijing Topsec Network Safety Technology Co., Ltd. Applicant after: BEIJING TOPSEC TECHNOLOGY CO., LTD. Address before: 100085 Haidian District East Road, No. three, China control building, floor, floor, 1 Applicant before: BEIJING TOPSEC SOFTWARE CO., LTD. Applicant before: Beijing Topsec Network Safety Technology Co., Ltd. Applicant before: Beijing heaven melts letter Science Technologies Co., Ltd. |
|
C53 | Correction of patent for invention or patent application | ||
CB02 | Change of applicant information |
Address after: 100085 Haidian District East Road, No. three, China control building, floor, floor, 1 Applicant after: BEIJING TOPSEC SOFTWARE CO., LTD. Applicant after: Beijing Topsec Network Safety Technology Co., Ltd. Applicant after: Beijing heaven melts letter Science Technologies Co., Ltd. Address before: 100085 Haidian District East Road, No. three, China control building, floor, floor, 1 Applicant before: BEIJING TOPSEC SOFTWARE CO., LTD. Applicant before: Beijing Topsec Network Safety Technology Co., Ltd. Applicant before: BEIJING TOPSEC TECHNOLOGY CO., LTD. |
|
CB02 | Change of applicant information |
Address after: 100085, room 306, north 3, building seven, 3 East Road, Haidian District, Beijing Applicant after: BEIJING TOPSEC SOFTWARE CO., LTD. Applicant after: Beijing Topsec Network Safety Technology Co., Ltd. Applicant after: BEIJING TOPSEC TECHNOLOGY CO., LTD. Address before: 100085 Haidian District East Road, No. three, China control building, floor, floor, 1 Applicant before: BEIJING TOPSEC SOFTWARE CO., LTD. Applicant before: Beijing Topsec Network Safety Technology Co., Ltd. Applicant before: Beijing heaven melts letter Science Technologies Co., Ltd. |
|
COR | Change of bibliographic data | ||
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20160301 Address after: 100085, room 306, north 3, building seven, 3 East Road, Haidian District, Beijing Applicant after: BEIJING TOPSEC SOFTWARE CO., LTD. Applicant after: Beijing Topsec Network Safety Technology Co., Ltd. Applicant after: BEIJING TOPSEC TECHNOLOGY CO., LTD. Applicant after: Information & Telecommunication Company of State Grid Qinghai Electric Power Company Address before: 100085, room 306, north 3, building seven, 3 East Road, Haidian District, Beijing Applicant before: BEIJING TOPSEC SOFTWARE CO., LTD. Applicant before: Beijing Topsec Network Safety Technology Co., Ltd. Applicant before: BEIJING TOPSEC TECHNOLOGY CO., LTD. |
|
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140514 |